Modal title

Modal body text goes here.

The Fortinet Certified Trainer (FCT) assessment is a trainer evaluation process in which each candidate has to prove their training delivery skills. The FCT assessment is a two-day assessment that evaluates the FCT candidate’s ability to maintain Fortinet’s quality standards in technical knowledge, skills and instructional abilities.

Who can apply?

The FCT assessment candidate should be a Fortinet employee or a candidate sponsored by an ATC who has submitted proof of reference, along with an online application form. An FCT candidate who wants to apply for an FCT assessment must meet the following knowledge and experience eligibility requirements:

  • Extensive technical knowledge and skills in network security and cybersecurity
  • Five years of relevant experience in network security and cybersecurity
  • Certification in the required NSE training courses
  • Five years of experience in training delivery in IT security
  • Demonstrable training facilitation and delivery skills

If you meet all of these requirements you can apply for the FCT assessment!

Please contact fct@fortinet.com for queries and suggestions.

Skip to main content
Training Institute
  • Library
  • Schedule
  • Certifications
  • ATC
  • Academic Partner Program
  • Fast Track Workshops
  • Log in
  • Training
  • Library

FortiNDR On-Premises Administrator

Download Course Description
Course Description

In this course, you will learn how to administer, manage, and troubleshoot an on-premises FortiNDR deployment. You will explore different use cases and discover the various source feeds of FortiNDR. You will learn how it integrates within the Fortinet Security Fabric and collaborates with other products to enhance malware detection and enforce automatic response. You will also explore the various features on FortiNDR that provide administrators with a broad picture of the detected anomalies and aids with forensic analysis.

Who Should Attend

Security professionals involved in the management, configuration, administration, and monitoring of FortiNDR onpremises deployments should attend this course.

Prerequisites

You must have knowledge of networking and cybersecurity, and basic experience working with FortiGate and the Fortinet Security Fabric.

It is also recommended that you have an understanding of the topics covered in the FCP - FortiGate Administrator course.

Agenda
  1. Introduction
  2. Malware Detection and Security Analysis
  3. Security Fabric Integration and Fortinet Ecosystem
  4. Third-Party Inputs
Objectives

After completing this course, you will be able to:

  • Describe how FortiNDR can protect your network
  • Describe the FortiNDR operating modes
  • Describe how FortiNDR monitors network traffic
  • Describe how FortiNDR interacts other Fortinet or third-party products
  • Describe how FortiNDR can scan network share drives
  • Access FortiNDR GUI menus, CLI commands, and perform initial configuration tasks
  • Analyze network insight information on detected attacks
  • Manage false positive detection
  • Analyze attack scenarios, timelines, and host stories
  • Identify network outbreaks and assess network damage
  • Configure static filters and NDR muting rules
  • Configure Windows AD integration for device enrichment
  • Analyze various logs on FortiNDR
  • Integrate FortiNDR in Fortinet Security Fabric
  • Describe how FortiNDR triggers responses
  • Configure enforcement rules
  • Configure automated actions
  • Configure various FortiNDR integration modes
  • Integrate FortiNDR with FortiMail and FortiSandbox
  • Configure the logs and reports available on FortiNDR
  • Generate FortiNDR reports (FortiAnalyzer/FortiSIEM)
  • Configure ICAP integration
  • Explain FortiNDR API capabilities
  • Configure and analyze NetFlow logs and dashboards
  • Configure device enrichment and remote authentication
  • Configure network share scanning and quarantining
  • Analyze network share scan results
System Requirements

If you take the online format of this class, you must use a computer that has the following:

  • A high-speed internet connection
  • An up-to-date web browser
  • A PDF viewer
  • Speakers or headphones
  • One of the following:
    • HTML5 support
    • An up-to-date Java Runtime Environment (JRE) with Java Plugin enabled on your web browser

You should use a wired Ethernet connection, not a Wi-Fi connection. Firewalls, including Windows Firewall or FortiClient, must allow connection to the online labs.

Enroll Now

Access the latest self-paced training version
Looking for a previous version?

Click here to find previous versions of self-paced courses.
Purchasing Process

More information on how to purchase instructor-led courses, on-demand labs, exam vouchers, and study material.
Find an Instructor-Led Class

Browse our schedule for upcoming classes delivered by Fortinet.
Product Versions
  • FortiNDR 7.4
Course Duration
  • Lecture time (estimated): 4 hours
  • Lab time (estimated): 4 hours
  • Total course duration (estimated): 8 hours
    • 1 full day or 2 half days
Formats
  • Instructor-led (classroom and online)
  • Self-paced online
ISC2
  • CPE training hours: 4
  • CPE lab hours: 4
  • CISSP domains: Security Operations
Part Number (SKU)

See Purchasing Process for more information

Certification

This course does not have a certification exam.

  • Dashboard
  • Library
  • Schedule
You are not logged in. (Log in)
Data retention summary